Even software developers often lack formal security training, says Kayne McGladrey, director of information security services at Boulder, Colorado security consulting firm Integral Partners. And even those who do can face pressure to roll code out quickly from employers impatient to see new features and fixes in production, he says.

There’s quite a lot of optimism in Generation AI, the IEEE study of millennial parent’s attitudes about artificial intelligence. The findings of the study are evolutionary, not revolutionary, as views towards artificial intelligence have become more refined over the years. However, the optimism shown in this study pre-supposes that we can move past our current cybersecurity issues.

Forget light switches and thermostat buttons in the office. IoT sensors can control when lights go on and off, as well as heating and cooling in the office. Lights can go on and off based on your location.

Spring cleaning is a tradition for millions of families, but most companies lack the same tradition when it comes to the long-term management of their Identity and Access Management (IAM) programs. This is not benign neglect, but rather an underlying fear that the IAM program resembles a shaky tower of cardboard boxes full with random stuff, sitting in the garage.

Cybersecurity threats are affecting consulting and professional service firms causing substantial losses. Kayne McGladrey (@kaynemcgladrey), an IEEE Member and professional services director, weighed in on how consulting firms can mitigate threats, keep client data safe and learn from current breaches.

Consulting firms can suffer irreparable damage to their reputation if they lose client data due to a cybersecurity incident. This article examines the current threat landscape and provides strategic guidance to prevent professional services firms from becoming the next breach statistic.

Interviews are inherently challenging and stressful for candidates, and everyone makes mistakes during an interview. Avoiding these seven common mistakes does not guarantee that a candidate will not advance to the second interview at a consulting firm; however, candidates who commit multiple of these (particularly concurrently) won’t be asked back.

Our fifteen-year legacy of organizations implementing the relevant regulatory standards and still suffering cyber security breaches has led forward-thinking organizations to focus on risk management rather than compliance for compliance’s sake.

This article will examine the costs and budgetary considerations for a new bad actor, lacking global resources, to set up a single privileged identity theft campaign to be able to launch insider attacks. The costs shown will assume corporate targets in the greater Seattle metropolitan area. This article will also briefly examine countermeasures.

The good news is that it is still possible to become an evil villain for an initial investment of under $1,500 USD, despite rising labor costs.

However, the biggest utility for my Pebble was two-factor authentication from my bank. My bank has had a somewhat tortured Consumer Identity and Access Management rollout over the years. They initially had single-factor authentication – a username and password. They briefly flirted with pictures, until they realized the Internet has an insatiable love of cats. They then deployed Knowledge-Based Authentication, safe in the knowledge that no-one would post their first spouse’s name, the name of their elementary school, and their favorite band on Facebook. Thus, they reluctantly deployed SMS-based two-factor authentication.